A Comparison Of Shodan and Leakix Indexed Information
By Tom Seest
In the first part of this article, we looked at the similarities and differences between Shodan and LeakIX Search publicly indexed information. Shodan is a popular web crawler, but its index is not as comprehensive as LeakIX. Specifically, Shodan indexes publicly accessible devices, while LeakIX does not. The data it collects is also not as extensive as Shodan’s. It primarily gathers a few files and assets that are found by the web crawler.
This photo was taken by Mikhail Nilov and is available on Pexels at https://www.pexels.com/photo/power-on-and-off-switch-on-wall-7663143/.
Table Of Contents
The LeakIX search engine is similar to Shodan in many ways but has some important differences. First, it returns a much smaller number of results. The top 10 results only contain a few pieces of information, including operating system and location. Additionally, the results are not as detailed as Shodan’s. Unlike Shodan, LeakIX does not index publicly accessible devices like IPv6 routers and webcams.
The Shodan search engine was created by John Matherly and now covers over 500 million connected devices each month. The tool is useful for threat intelligence and for exposing company data. For example, it has been used to locate the control systems of a water park, gas station, crematorium, and hotel wine cooler. Additionally, it has been used by cybersecurity researchers to identify the command and control systems of a particle-accelerating cyclotron and nuclear power plant.
The LeakIX platform also provides users with an insight into compromised devices and servers. It also alerts users to active ransomware campaigns, provides information on network leaks, and indexes company data. It also aims to provide a secure platform to fix security flaws and misconfigurations. Its database of software vulnerabilities is updated constantly.
While Shodan is the classic reconnaissance platform, LeakIX Search has several noteworthy differences. It has a more user-friendly UI, allows more devices to be indexed, and has tutorials in Chinese. LeakIX Search results are also significantly larger than Shodan’s.
This photo was taken by Michael Steinberg and is available on Pexels at https://www.pexels.com/photo/close-up-of-coin-318820/.
In order to search for certificates logged by CT, you’ll need a tool that ingests these logs and indexes them by domain name. While SSLMate indexes logs for you, it has several limitations, including the need to update the list several times a year, the inability to search across all logs, and the need to duplicate certificates with the same name across multiple logs.
This photo was taken by Anete Lusina and is available on Pexels at https://www.pexels.com/photo/crop-cyber-spy-typing-on-computer-keyboard-while-hacking-system-5240544/.
LeakIX is a web search engine that indexes publicly available information from open hosts on the internet. Like Shodan, it displays database and table names and keeps a history of successful connections. It is free and self-hosted. Other similar web search engines include Censys, Shodan, ZoomEye, and Criminal IP.
LeakIX is a free service that offers a variety of features. First, users can find out what type of servers or devices have been compromised. They can also get alerts on active ransomware campaigns and other security vulnerabilities. The platform also indexes information from network operators, revealing potential data breaches. Additionally, it offers a platform for fixing security and misconfigurations. LeakIX also offers a database known as Vulners, which contains explanations for hundreds of software vulnerabilities. The database is constantly updated.
This photo was taken by Moose Photos and is available on Pexels at https://www.pexels.com/photo/photo-of-two-teal-and-pink-leather-crossbody-bags-1038000/.